SUSE-SU-2023:1817-1 -- SLES MozillaFirefoxID: oval:org.secpod.oval:def:89048700 | Date: (C)2023-06-02 (M)2024-03-27 |
Class: PATCH | Family: unix |
This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 102.10.0 ESR * CVE-2023-29531: Out-of-bound memory access in WebGL on macOS * CVE-2023-29532: Mozilla Maintenance Service Write-lock bypass * CVE-2023-29533: Fullscreen notification obscured * MFSA-TMP-2023-0001: Double-free in libwebp * CVE-2023-29535: Potential Memory Corruption following Garbage Collector compaction * CVE-2023-29536: Invalid free from JavaScript code * CVE-2023-29539: Content-Disposition filename truncation leads to Reflected File Download * CVE-2023-29541: Files with malicious extensions could have been downloaded unsafely on Linux * CVE-2023-29542: Bypass of file download extension restrictions * CVE-2023-29545: Windows Save As dialog resolved environment variables * CVE-2023-1945: Memory Corruption in Safe Browsing Code * CVE-2023-29548: Incorrect optimization result on ARM64 * CVE-2023-29550: Memory safety bugs fixed in Firefox 112 and Firefox ESR 102.10
Platform: |
SUSE Linux Enterprise Server 15 SP1 |